public-webappsec@w3.org from May 2012 by subject

[Bug 17042] Last-Event-ID is not a simple header

• bugzilla@jessica.w3.org (Sunday, 13 May)

[Bug 17205] New: graph.Facebook.com/ladybug2007

• bugzilla@jessica.w3.org (Saturday, 26 May)

[cors] hey hey

• Anne van Kesteren (Thursday, 31 May)
• Hill, Brad (Tuesday, 22 May)
• Anne van Kesteren (Tuesday, 22 May)

[cors] hey hey (review of revised CORS Security Considerations et al)

• =JeffH (Thursday, 31 May)

[webappsec] Bay Area F2F Tomorrow and Thursday

• Hill, Brad (Wednesday, 2 May)
• Hill, Brad (Wednesday, 2 May)
• Hill, Brad (Wednesday, 2 May)
• Hill, Brad (Tuesday, 1 May)
• Hill, Brad (Tuesday, 1 May)

[webappsec] ClearClick WAS2012 rv2

• Giorgio Maone (Thursday, 3 May)

[webappsec] DRAFT agenda for F2F

• Giorgio Maone (Thursday, 3 May)
• Hill, Brad (Thursday, 3 May)
• Giorgio Maone (Thursday, 3 May)

[webappsec] for afternoon F2F discussion, proposed CSP 1.1 JSONP directive

• Daniel Veditz (Wednesday, 2 May)
• Michal Zalewski (Wednesday, 2 May)
• Hill, Brad (Wednesday, 2 May)

[webappsec] Next F2F at TPAC 2012, Lyon, France, Oct

• Hill, Brad (Friday, 4 May)

[webappsec] Schedule for TPAC 2012

• Hill, Brad (Wednesday, 16 May)

[webappsec] Summary of anticlickjacking proposals

• Hill, Brad (Thursday, 3 May)

Agenda for May 8 Teleconference

• Eric Rescorla (Tuesday, 8 May)

An urge for CSP META tag in 1.0

• John Wilander (Thursday, 3 May)
• Michal Zalewski (Wednesday, 2 May)
• Tanvi Vyas (Tuesday, 1 May)
• Adam Barth (Tuesday, 1 May)
• Hill, Brad (Tuesday, 1 May)
• Daniel Veditz (Tuesday, 1 May)

Cancelled: May 22 Telecon

• Eric Rescorla (Tuesday, 22 May)

CfC: to stop work on From-Origin spec; deadline May 8

• Arthur Barstow (Wednesday, 2 May)

comments on Cross-Origin Resource Sharing (CORS) of 3-Apr-2012

• =JeffH (Wednesday, 2 May)

correct CSP frame-src value for a scripted iframe src?

• Tanvi Vyas (Friday, 4 May)
• Tanvi Vyas (Friday, 4 May)
• Adam Barth (Wednesday, 2 May)
• Ingo Chao (Tuesday, 1 May)
• Ingo Chao (Monday, 30 April)

CSP 1.0

• Adam Barth (Tuesday, 8 May)
• Daniel Veditz (Tuesday, 8 May)
• Adam Barth (Tuesday, 8 May)
• Daniel Veditz (Tuesday, 8 May)
• Adam Barth (Monday, 7 May)

CSP 1.1

• Adam Barth (Monday, 7 May)

CSP 1.1 - capability advertisement and sandbox directive

• Hill, Brad (Tuesday, 8 May)

CSP feature detection.

• Mike West (Wednesday, 2 May)

CSP transitivity and connect-src question

• Adam Barth (Tuesday, 1 May)

Draft minutes for May 2nd, 2012

• Eric Rescorla (Tuesday, 8 May)

Follow up on Test Jam

• Hill, Brad (Thursday, 31 May)

frame-options and the IETF websec WG

• Adam Barth (Friday, 4 May)

Keeping sandbox directive in CSP 1.0

• Jacob Rossi (Friday, 25 May)
• Adam Barth (Friday, 25 May)
• Tanvi Vyas (Friday, 25 May)
• Adam Barth (Tuesday, 15 May)
• Travis Leithead (Tuesday, 15 May)
• Jacob Rossi (Tuesday, 15 May)

Multiple Content-Security-Policy headers

• Eric Rescorla (Tuesday, 8 May)
• Tanvi Vyas (Tuesday, 8 May)
• Adam Barth (Tuesday, 8 May)
• Tanvi Vyas (Tuesday, 8 May)
• Daniel Veditz (Tuesday, 8 May)
• Adam Barth (Monday, 7 May)
• Tanvi Vyas (Monday, 7 May)
• Adam Barth (Monday, 7 May)
• Daniel Veditz (Monday, 7 May)
• Giorgio Maone (Friday, 4 May)
• Adam Barth (Friday, 4 May)
• Hill, Brad (Friday, 4 May)
• Adam Barth (Friday, 4 May)

proposed text for combining policies

• Hill, Brad (Wednesday, 2 May)

Recent CSP edits

• Adam Barth (Friday, 18 May)

Reverted dd1f7a1cd84f

• Adam Barth (Monday, 28 May)

Rough sketch of directives for CSP 1.1

• Tom Ritter (Thursday, 3 May)
• Hill, Brad (Thursday, 3 May)
• Adam Barth (Thursday, 3 May)
• Tom Ritter (Thursday, 3 May)
• Adam Barth (Thursday, 3 May)

same-origin assertions in the DNS (Fwd: [apps-discuss] draft-sullivan-domain-origin-assert-00)

• Thomas Roessler (Saturday, 5 May)

WebAppSec May F2F Minutes

• Josh Soref (Tuesday, 8 May)

When is the CORS Candidate Recommendation going to be published? [Was: Re: Cancelled: May 22 Telecon]

• Arthur Barstow (Tuesday, 22 May)

Last message date: Thursday, 31 May 2012 22:19:23 UTC